Soon, all health insurers will be required by law to provide their policyholders with a secure digital identity upon request as a supplement to the electronic health insurance card (e-health card). This is stipulated by the Digital Care and Nursing Modernisation Act (DVPMG). Everything is set. As of 1 January, 2024, policyholders’ electronic health cards and electronic ID cards shall, upon request, receive a digital twin for their smartphone. They are intended to provide insured parties with secure access to social welfare services that process, among other things, related data, e.g. enable policyholders to view their patient records and also serve as an insurance ID with doctors and healthcare facilities.
For BARMER, too, these requirements entail an expansion of its services: a secure authentication process will, in future, allow policyholders to use their digital identity as a form of identification to directly access their electronic patient records and view electronic prescriptions and emergency data on their cell phones. The crux of the matter is that the telematics company (gematik) entrusted with these tasks set very high security standards for the identification and authentication of the policyholders and for the entire duration of data access. To meet these stringent requirements, BARMER commissioned T-Systems and its partner Verimi to provide and manage maximum security digital identities for over 8.7 million policyholders.
The gematik specification of implementing a trusted execution environment (TEE) implies that operators of an identification and authentication solution in the healthcare environment must demonstrate a technical solution that makes accessing all personal medical data impossible. Access is reserved solely for policyholders and persons authorised by them. It is, therefore, necessary to protect data not only during transmission and storage, but also at the time of processing. In addition, the TEE provides for the following:
The highly sensitive social welfare data must also be processed in accordance with the stipulations set out in the German Social Code (SGB). In other words:
The introduction of digital identities allows our policyholders to have easy access to our online services with the highest level of security. We are pleased to have two experienced partners, T-Systems and Verimi, and their invaluable support in offering this user-friendly solution as soon as possible.